package com.tenement.common;

import cn.hutool.core.collection.CollectionUtil;
import com.tenement.dto.LoginUserDto;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

@Component("exp")
public class MyExpressionRoot {

    public boolean hasAuthority(String authority){
        //获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // 这里的对象已经经过security过滤器链.认证过滤器已在SecurityContextHolder存储用户信息
        LoginUserDto loginUser = (LoginUserDto) authentication.getPrincipal();
        if (CollectionUtil.isNotEmpty(loginUser.getAuthorities())) {
            List<String> permissionCode = loginUser.getAuthCode();
            //判断用户权限集合中是否存在authority
            return permissionCode.contains(authority);
        }
        return false;
    }
}
